Article ID: 329048
Article Last Modified on 5/3/2007
APPLIES TO
- Microsoft Windows XP Home Edition
- Microsoft Windows XP Professional
- Microsoft Windows Millennium Edition
- Microsoft Plus! 98 Standard Edition, when used with:
- Microsoft Windows 98 Standard Edition
- Microsoft Windows 98 Second Edition
This article was previously published under Q329048
SYMPTOMS
When you use a zipped file (a file that has a .zip file name extension), files are compressed in this zipped file so that the file uses less space on a hard disk. In Windows 98 with Plus! 98, Windows Millennium Edition (Me), and Windows XP, the Compressed Folders feature allows zipped files to be treated as folders. You can use the Compressed Folders feature to create, add files to, and extract files from zipped files.
The following vulnerabilities exist in the Compressed Folders function:
- An unchecked buffer exists in the program that handles the decompressing of files from a zipped file. When this program tries to open a file that has a specially malformed file name that is contained in a zipped file, Windows Explorer may fail or an attacker may be able to run any code. This behavior creates a security vulnerability.
- The decompression function may put a file in a folder that is different from, or that is a child of, the target folder that is specified by the user as the location where the decompressed zip files are put. This behavior may allow an attacker to put a file in a known location on the user's computer; for example, an attacker may put a program in a startup folder.
RESOLUTION
For more information about how to resolve this vulnerability, click one of the following links to view the section that applies to your situation.
Windows XP service pack information
To resolve this problem, obtain the latest service pack for Microsoft Windows XP. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
322389 How to obtain the latest Windows XP service pack
Windows XP hotfix information
A supported hotfix is now available from Microsoft, but it is only intended to correct the problem that this article describes. Apply it only to systems that you determine are at risk of attack. Evaluate the computer's physical accessibility, network and Internet connectivity, and other factors to determine the degree of risk to the computer. See the associated Microsoft Security Bulletin to help determine the degree of risk. This hotfix may receive additional testing. If the computer is sufficiently at risk, we recommend that you apply this hotfix now.
To resolve this problem immediately, download the hotfix by following the instructions later in this article or contact Microsoft Product Support Services to obtain the hotfix. For a complete list of Microsoft Product Support Services telephone numbers and information about support costs, visit the following Microsoft Web site:
Note In special cases, charges that are ordinarily incurred for support calls may be canceled, if a Microsoft Support Professional determines that a specific update will resolve your problem. The usual support costs will apply to additional support questions and issues that do not qualify for the specific update in question.
Download Information
The patch for the "Unchecked Buffer in Zipped File Handling" vulnerability is included with Windows XP Service Pack 1 (SP1). For additional information, click the article number below to view the article in the Microsoft Knowledge Base:
322389 How to Obtain the Latest Windows XP Service Pack
The following file is available for download from the Microsoft Download Center:
English (US): Download the Q329048 package now
Arabic: Download the Q329048 package now
Chinese (Simplified): Download the Q329048 package now
Chinese (Traditional): Download the Q329048 package now
Czech: Download the Q329048 package now
Danish: Download the Q329048 package now
Dutch: Download the Q329048 package now
Finnish: Download the Q329048 package now
French: Download the Q329048 package now
German: Download the Q329048 package now
Greek: Download the Q329048 package now
Hebrew: Download the Q329048 package now
Hungarian: Download the Q329048 package now
Italian: Download the Q329048 package now
Japanese: Download the Q329048 package now
Korean: Download the Q329048 package now
Norwegian: Download the Q329048 package now
Polish: Download the Q329048 package now
Portuguese: Download the Q329048 package now
Portuguese (Brazil): Download the Q329048 package now
Russian: Download the Q329048 package now
Spanish: Download the Q329048 package now
Swedish: Download the Q329048 package now
Turkish: Download the Q329048 package now
Release Date: October 2, 2002
For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591 How to Obtain Microsoft Support Files from Online Services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file.
Installation information
You can install this update on Windows XP or Windows XP Service Pack 1 (SP1). For additional information, click the article number below to view the article in the Microsoft Knowledge Base:
322389 How to Obtain the Latest Windows XP Service Pack
You must restart your computer after you apply this update. This update supports the following Setup switches:
- /?: Display the list of installation switches.
- /u: Unattended mode.
- /f: Force other programs to quit when the computer shuts down.
- /n: Do not back up files for removal.
- /o: Overwrite OEM files without prompting.
- /z: Do not restart when the installation is complete.
- /q: Quiet mode (no user interaction).
- /l: List installed hotfixes.
- /x Extract the files without running Setup.
For example, to install the update without any user intervention and to not force the computer to restart, use the following command line:
q329048_wxp_sp2_x86_enu /u /q /z
WARNING: Your computer is vulnerable until you restart it.
File information
The English version of this fix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (also known as Universal Time Coordinate [UTC]). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.
The following files are copied to the %Windir%\System32 folder.
Date Time Version Size File name ------------------------------------------------------------------- 25-Sep-2002 16:21 6.0.2600.101 316,928 Zipfldr.dll (pre-SP1) 25-Sep-2002 19:18 6.0.2800.1126 316,928 Zipfldr.dll (with SP1)
Windows Millennium Edition and Windows 98 with Plus! 98
A supported fix is now available from Microsoft, but it is only intended to correct the problem that is described in this article. Apply it only to computers that you determine are at risk of attack. Evaluate your computer's physical accessibility, network and Internet connectivity, and other factors to determine the degree of risk to your computer. See the associated Microsoft Security Bulletin to help determine the degree of risk. This fix may receive additional testing. If your computer is sufficiently at risk, Microsoft recommends that you apply this fix now.
To resolve this problem immediately, download the fix by clicking the download link later in this article or contact Microsoft Product Support Services to obtain the fix. For a complete list of Microsoft Product Support Services phone numbers and information about support costs, please visit the following Microsoft Web site:
NOTE: In special cases, charges that are ordinarily incurred for support calls may be canceled, if a Microsoft Support Professional determines that a specific update will resolve your problem. The usual support costs will apply to additional support questions and issues that do not qualify for the specific update in question.
Download information
The following files are available for download from the Microsoft Download Center:
Windows Millennium Edition
The Windows Millennium Edition (Me) update is available from the Windows Update site. To obtain the update, click the link below:
Windows 98 with Plus! Pack
Release Date: October 2, 2002
For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591 How to Obtain Microsoft Support Files from Online Services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file.
Installation information
You must restart your computer after you apply this update. This update supports the following Setup switches:
- /q: Quiet modes for packages.
- /t:
full path
: Specifies a temporary working folder. - /c: Extract files only to the folder when it is used also with /t.
- /c:
cmd
: Override the installation command that is defined by the author.
File information
The English version of this fix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.
Windows Millennium Edition
Date Time Version Size Path and file name ------------------------------------------------------------------------ 10-Sep-2002 20:13 5.50.4921.1000 193,296 %Windir%\System\Zipfldr.dll
Windows 98 with Plus! Pack
Date Time Version Size Path and file name ------------------------------------------------------------------- 16-Sep-2002 19:24 5.0.531.0 188,688 %Windir%\System\Zipfldr.dll
STATUS
Microsoft has confirmed that this problem may cause a degree of security vulnerability in the Microsoft products that are listed at the beginning of this article.
Windows XP
This problem was first corrected in Microsoft Windows XP Service Pack 2.
MORE INFORMATION
For more information about this vulnerability, visit the following Microsoft Web site:
For additional information about dual-mode updates, click the following article number to view the article in the Microsoft Knowledge Base:
328848 Description of Dual-Mode Update Packages for Windows XP
Additional query words: security_patch
Keywords: kbhotfixserver kbqfe atdownload kbwinxpsp2fix kbenv kbbug kbfix kbsecbulletin kbsecurity kbsecvulnerability kbwinxppresp2fix kbwinxpsp1fix KB329048